How to protect individual field value in a distributed FileMaker database..??

I have a "PayPal for FileMaker" solution I put together that uses the Scodigo PHP SmartPill plugin.

Scodigo's plugin has a license I have to buy and then I can distribute it with my solution, however, I need to find a way to hide this license key from people that I distribute my solution to, while still making it available to the solution itself so that it can run properly.

Within the solution file is a script like this:

PHPRegister('123456789', 'Product Name');

So the value 123456789 needs to be hidden from users so they can never see it, but still needs to be available to this function within the solution file that I am distributing.

Is there a way I can store the value in a container field that cannot be accessed by anything but the script, or any other way I can handle this situation?

I have a number of Developer plugin licenses and as long as you've restricted the normal user privilege set to disallow access to Script editing, you can just leave the license key in the script step. Only a user with full access privileges could access it, and if you are distributing the solution as a Runtime, there is an option to entirely remove Full Access privileges from the Runtime solution.

You could enter the key in a global field and then remove the field from any layout, restrict the field access in the Privilege set, and then set the script that calls it to run with full access privileges.

You could enter the key in a global field and then remove the field from any layout, restrict the field access in the Privilege set, and then set the script that calls it to run with full access privileges.

Any chance you could provide a simple example of this in a bare bones DB?

The attached file shows the use of a global field in a Plugin Registration script. I created a global text field called "LicenseKey", entered the key in it and then removed it from the layout. I then created a script to run the Plugin "Register" function. I'm using the SMTPit plugin as an example, but since you probably don't have that plugin installed, I commented the actual registration string so you can see how I've used the LicenseKey field in the Register function. (it would otherwise simply show "<function missing>" if you didn't have the plugin. The script is set to Run with full access privileges, which I turned on by right-clicking on the script.

I also created a Privilege Sets, Standard User Restricted Field which specifically prevents the user from seeing the LicenseKey field, and also from editing layouts, scripts or value lists. If you log in as "Admin" (no password) you'll see the field. If you login as "Standard" (again, with no password) you can't access the field.

As noted above, you can simply remove the field from any layout, but to be honest, I wouldn't even both to put it into a field in the first place. The simplest thing to do would be to simply enter the plugin LicenseKey in the plugin Registration function and then restrict any non-developer privilege sets to "Scripts: Execute Only". That prevents users from getting into the script editor at all which they would need to do in order to read the license key in the Set Variable or Set Field script step used to Register the plugin.

As long as you don't allow users to get in using the Full Access Privilege set AND the Privilege set they are using restricts script to Execute Only for scripts you should be perfectly fine including the License Key in the script step as long as the script is set to run with full access privileges.Example-Hidden-field.fmp12